Protect

One of the most serious threats in the world today to the security of cyberspace is "social engineering" - the process by which people with access to critical information regarding information systems security are tricked or manipulated into surrendering such information to unauthorized persons, thereby allowing them access to otherwise secure systems. To date, little systematic research has been conducted on social engineering.

In order to establish a secure communication channel, each communicating party needs some method to authenticate the other, lest it unwittingly establish a channel with the adversary instead. Current techniques for authentication often rely on passwords and/or the public-key infrastructure (PKI). Both of these methods have considerable drawbacks since passwords are frequently breached, and PKI relies on central authorities which have proven to be less than reliable. Thus there is a need to use other sources of information for the communicating parties to authenticate each other.

The goal of this project is to create the algorithms, frameworks, and systems for defending the open web ecosystem from emerging threats. This project aims to (i) analyze malicious tasks and behaviors of crowdturfers; (ii) detect malicious tasks on crowdsourcing platforms by developing novel malicious task detectors; (iii) design and build a task blacklist; (iv) uncover the ecosystem of crowdturfers and detect crowdturfers; (v) combine crowdturfer detection approaches with other malicious participants detection approaches.

Concern about the security and reliability of our electronic systems and infrastructure is at an all-time high. Economic factors dictate that the design, manufacturing, testing, and deployment of silicon chips are spread across many companies and countries with different and often conflicting goals and interests. In modern complex digital designs, behaviors at a good fraction of observable output signals for many operational cycles are unspecified and vulnerable to malicious modifications, known as Hardware Trojans.

Information about individuals is collected by a variety of organizations including government agencies, banks, hospitals, research institutions, and private companies. In many cases, sharing this data among organizations can bring benefits in social, scientific, business, and security domains, as the collected information is of similar nature, of about similar populations. However, much of this collected data is sensitive as it contains personal information, or information that could damage an organization's reputation or competitiveness.